Eight Ways to Improve Your Cyber-Security Spending

Eight Ways to Improve Your Cyber-Security Spending

When Is Cyber-Security Spending Most Productive?When Is Cyber-Security Spending Most Productive?

Dollars spent on cyber-security are most productive when allocation is based on specific business risks. However, only 38% of respondents say they have a method for prioritizing security investments based on the greatest risk and impact on the organization’s business strategy.

Forget One-Size-Fits-AllForget One-Size-Fits-All

No single methodology for strategic spending works for everyone, but enterprises should allocate resources based on risk, regardless of industry and location.

Flexible and Agile Cyber-Security HelpsFlexible and Agile Cyber-Security Helps

The scope and duration of cyber-security initiatives should be less than the typical three- to five-year business plans. That way, organizations can quickly address threats as they increase and evolve.

Shift From Prevention to Incident ResponseShift From Prevention to Incident Response

Rather than emphasizing prevention, organizations should fund processes that integrate predictive, preventive, detective and incident-response capabilities to minimize impact.

Invest in People and ProcessesInvest in People and Processes

Organizations should spend their money on people and process capabilities that enable them to respond quickly and mitigate incidents.

Identify the Crown JewelsIdentify the Crown Jewels

It is critical to invest in resources that identify and classify the most viable information assets, and to determine where they are and who has access to them.

Estimate Cyber-Security InvestmentsEstimate Cyber-Security Investments

Identify and classify assets to help IT and business executives determine how much to invest in cyber-security. Organizations should also consider the quality and end-to-end strategy of their investments.

Invest in AnalyticsInvest in Analytics

Don’t just deploy network-monitoring technologies, for example. Ensure adequate funding for data analytics that enable cyber-security personnel to discover patterns in anomalous network behavior and to act on these insights.

Karen A. Frenkel
Karen A. Frenkel
Karen A. Frenkel is a contributor to CIO Insight. She covers cybersecurity topics such as digital transformation, vulnerabilities, phishing, malware, and information governance.

Latest Articles